Chapter 9: Query Strings

Overcoming a basic problem with HTML/HTTP

HTTP is a "stateless" protocol. What I just said is absolutely true... But I'm betting that most of you don't have a clue what it means - or why it matters. So I'll explain. First, the Internet operates under a set of protocols or sets of rules. In a web address, http:// identifies the protocol as HTTP. That's the set of rules for sending a page to your browser.

Once a page has been delivered, the server forgets all about it. Oh, sure, there's an entry in the server logs but there's nothing in memory. That's why it's called "stateless". It has no idea what just happened and the last page you loaded has no effect on the next page you load. Lots of times that just the opposite of what you want.

Several schemes have been created to fix this problem. One of them is cookies. But a lot of people turn cookies off. That defeats their purpose - whatever that purpose was. Here's another scheme:

Suppose you want to pass some information from one page to the next one. If you control the links, you can tack a query string onto the URL in the link. Then you can use a script (or code on the page the link points to) to catch that information when the page loads.

How would you put that to work? Lots of ways! You might get a person's name on one page and pass it to the next page and display it there. You can use this trick to personalize a sales letter, for example. You might put a link like this in an email:

http://www.mysite.com/page5.php?name={name!}

The ?name={name!} part is a query string with a mail-merge token as the value for the key. (the "key" is "name" and the value is "{name!}". Your autoresponder will substitute the recipient's name for the token {name!} in each message it sends out. So what the recipient sees looks like this:

http://www.mysite.com/page5.php?name=Bob

In some cases (like when you're using Aweber autoresponders and you have link tracking turned on) the link may be cloaked so it doesn't actually look like my example. But behind the cloaking, it still looks like that to the web server.

Now what happens next is almost pure magic! The file page5.php has some PHP code on it. The key "name" becomes a variable called $name and its value becomes "Bob". Now anywhere on the page that you want to call Bob by name (as in "Dear Bob,") you can use <?php echo($name) ?> where you want it to say Bob (or Alice or Rajah, etc.).

Do you understand what just happened? You personalized your sales letter for every person on your email list. A similar thing happens when you pass a session ID in a query string. Do you remember that from the last chapter? Using a session ID and a database, you can make it look as if every page knows all about the visitor. Name, address, phone number, etc. can all be pulled from a database and echo()ed into form fields, ad copy...whatever.

But the rabbit hole goes much deeper than that! You can build up a very long query string that can pass many different items to the next page. It can all be under the control of your script.

Let's simplify the process so you can see how it works. Assume you have these variables and that they have the values I'm going to assign to them. They would most likely have picked up their values somewhere else or had them assigned based on other things happening in the script. But here goes:

$name = "Bob Bogus";
$address = "125 Center Drive";
$city = "North Platte";
$state = "Nebraska";
$zip = "84521";
$items_ordered = "Raincoat, gloves, hat";
$total_price = "$147.95";

OK. Now we're going to package this data into a URL that will point to the next page. This is how forms behave automatically but you might have just about any kind of data to pass from one page to another. Here's how you do it:

$url = http://www.mysite.com/page5.php?name=$name;
$url .= &address=$address;
$url .= &city=$city;
$url .= &zip=$zip;
$url .= &state=$state;
$url .= &items_ordered=$items_ordered;
$url .= &total_price=$total_price;

As we add each key/value pair to the query string, we're actually adding a key and a real value (the value is represented by the variable while we're building the string). The end result, after all the variables have been replaced, looks like this:

http://www.mysite.com/page5.php?name=Bob Bogus&address=125 Center Drive&city=
North Platte&state=Nebraska&zip=84521&items_ordered=Raincoat, gloves, hat&
total_price=$147.95

When the link is clicked - or sent by the header() function - it can pass all these items of information along to the next page or script. That solves the problem of HTTP being "stateless."

Copyright © 2004 Steve Humphrey